From 71e6035c31cb72f1e8398646f5b59ec04adb032b Mon Sep 17 00:00:00 2001
From: midoks
Date: Fri, 3 May 2019 23:21:33 +0800
Subject: [PATCH] up
---
 plugins/op_waf/index.py | 52 +++++++-
 plugins/op_waf/js/op_waf.js | 230 ++++++++++++++++++++++++------------
 2 files changed, 206 insertions(+), 76 deletions(-)
diff --git a/plugins/op_waf/index.py b/plugins/op_waf/index.py
index 4c3b4d802..a54989250 100755
--- a/plugins/op_waf/index.py
+++ b/plugins/op_waf/index.py
@@ -121,8 +121,16 @@ def initSiteInfo():
 tmp['cookie'] = config_contents['cookie']
 tmp['scan'] = config_contents['scan']
- cdn_header = ['x-forwarded-for', 'x-real-ip']
+ cdn_header = ['x-forwarded-for',
+ 'x-real-ip', 'HTTP_CF_CONNECTING_IP']
 tmp['cdn_header'] = cdn_header
+
+ disable_upload_ext = ["php", "jsp"]
+ tmp['disable_upload_ext'] = disable_upload_ext
+
+ disable_path = ['sql']
+ tmp['sql'] = disable_path
+
 site_contents_new[name] = tmp
 cjson = public.getJson(site_contents_new)
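Review bot: The default list in initSiteInfo now mixes two naming conventions: `'x-forwarded-for'` and `'x-real-ip'` are lowercase HTTP header names while the added `'HTTP_CF_CONNECTING_IP'` is the CGI-variable spelling, so whichever form the consumer of `cdn_header` compares against, one of the entries will silently never match (the header-name form would be `'cf-connecting-ip'`; verify against the matcher). The last added pair stores the disable_path list under `tmp['sql']` whereas the neighbouring list uses a key matching its variable, which looks like a typo for `tmp['disable_path'] = disable_path`; the 禁止扩展名 / 禁止上传的文件类型 rows added to the JS in this commit will need whatever key is actually read. Every name in cdn_header is treated as a trusted source of the client address, so each addition widens the set of headers a client that reaches the server directly can set to present a different IP to IP-based blocking; if the matching is not already limited to requests arriving from the CDN, a comment on the list such as `# only trustworthy when the request actually came through the CDN` would help the next maintainer. The enclosing loop of initSiteInfo begins outside the hunk.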
@@ -392,6 +400,44 @@ def getSiteConfigByName():
 return public.returnJson(True, 'ok!', retData)
+def addSiteCdnHeader():
+ args = getArgs()
+ data = checkArgs(args, ['siteName', 'cdn_header'])
+ if not data[0]:
+ return data[1]
+ path = getJsonPath('site')
+ content = public.readFile(path)
+ content = json.loads(content)
+
+ siteName = args['siteName']
+ retData = {}
+ if siteName in content:
+ content[siteName]['cdn_header'].append(args['cdn_header'])
+
+ cjson = public.getJson(content)
+ public.writeFile(path, cjson)
+ return public.returnJson(True, '添加成功!')
+
+
+def removeSiteCdnHeader():
+ args = getArgs()
+ data = checkArgs(args, ['siteName', 'cdn_header'])
+ if not data[0]:
+ return data[1]
+ path = getJsonPath('site')
+ content = public.readFile(path)
+ content = json.loads(content)
+
+ siteName = args['siteName']
+ retData = {}
+ if siteName in content:
+ content[siteName]['cdn_header'].remove(args['cdn_header'])
+
+ cjson = public.getJson(content)
+ public.writeFile(path, cjson)
+ return public.returnJson(True, '删除成功!')
+
+
 def getLogsList():
 args = getArgs()
 data = checkArgs(args, ['siteName'])
@@ -501,6 +547,10 @@ if __name__ == "__main__":
 print getSiteConfig()
 elif func == 'get_site_config_byname':
 print getSiteConfigByName()
+ elif func == 'add_site_cdn_header':
+ print addSiteCdnHeader()
+ elif func == 'remove_site_cdn_header':
+ print removeSiteCdnHeader()
 elif func == 'get_logs_list':
 print getLogsList()
 elif func == 'get_safe_logs':
diff --git a/plugins/op_waf/js/op_waf.js b/plugins/op_waf/js/op_waf.js
index 2d30cc749..133d06d2e 100755
--- a/plugins/op_waf/js/op_waf.js
+++ b/plugins/op_waf/js/op_waf.js
@@ -1014,6 +1014,144 @@ function html_decode(value) {
 }
+//CDN-Header配置
+function cdnHeader(siteName, type) {
+ if (type == undefined) {
+ create_l = layer.open({
+ type: 1,
+ title: "管理网站【" + siteName + "】CDN-Headers",
+ area: ['500px', '500px'],
+ closeBtn: 2,
+ shadeClose: false,
+ content: '
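Review bot: removeSiteCdnHeader calls `content[siteName]['cdn_header'].remove(args['cdn_header'])` without a membership check, so removing a name that is not in the list raises ValueError and the request ends in a traceback rather than a JSON reply; addSiteCdnHeader appends without a duplicate check, and both functions answer 添加成功/删除成功 even when siteName is not in content and nothing was changed. Neither function validates `args['cdn_header']` beyond presence, yet the value is persisted into the site config and rendered back into the admin table by the JS in this commit, so restricting it server-side to header-name characters (letters, digits, `-`, `_`) keeps markup out of the stored config. `retData = {}` is unused in both bodies. The rewritten bodies are below; the dispatch entries for `add_site_cdn_header` and `remove_site_cdn_header` in the last hunk need no change.
```python
def addSiteCdnHeader():
    # … unchanged: getArgs / checkArgs prologue …
    header = args['cdn_header'].strip()
    # Accept only header-name characters so the stored config cannot carry
    # markup that the admin page later concatenates into HTML.
    if not header or not all(c.isalnum() or c in '-_' for c in header):
        return public.returnJson(False, 'header格式错误!')
    path = getJsonPath('site')
    content = json.loads(public.readFile(path))

    siteName = args['siteName']
    if siteName not in content:
        return public.returnJson(False, '网站不存在!')
    headers = content[siteName].setdefault('cdn_header', [])
    if header not in headers:
        headers.append(header)

    public.writeFile(path, public.getJson(content))
    return public.returnJson(True, '添加成功!')


def removeSiteCdnHeader():
    # … unchanged: getArgs / checkArgs prologue …
    path = getJsonPath('site')
    content = json.loads(public.readFile(path))

    # Missing site or unknown header is a client error, not a crash.
    headers = content.get(args['siteName'], {}).get('cdn_header', [])
    if args['cdn_header'] not in headers:
        return public.returnJson(False, 'header不存在!')
    headers.remove(args['cdn_header'])

    public.writeFile(path, public.getJson(content))
    return public.returnJson(True, '删除成功!')
```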
\ +
\ + \ + \
\ +
\ +
\ + \ + \ + \ + \ + \ + \ + \ + \ +
header操作
\ +
\ +
\ +
' + }); + tableFixed("cdnHeader"); + } + + owPost('get_site_config_byname', { siteName: siteName }, function(data){ + var tmp = $.parseJSON(data.data); + var t1 = tmp.data; + var rdata = t1['cdn_header']; + var tbody = '' + for (var i = 0; i < rdata.length; i++) { + tbody += '\ + '+ rdata[i] + '\ + 删除\ + ' + } + $("#cdn_header_con").html(tbody); + }); +} + +//添加CDN-Header +function addCdnHeader(siteName) { + var pdata = { + cdn_header: $("input[name='cdn_header_key']").val(), + siteName: siteName + } + + if (pdata['cdn_header'] == '') { + layer.msg('header不能为空'); + $("input[name='cdn_header_key']").focus(); + return; + } + + owPost('add_site_cdn_header', pdata, function(data){ + var rdata = $.parseJSON(data); + layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 }); + if (rdata.status) { + setTimeout(function(){ + cdnHeader(siteName, 1); + },1000); + } + }); +} + + //删除CDN-Header +function removeCdnHeader(siteName, cdn_header_key) { + owPost('remove_site_cdn_header', { siteName: siteName, cdn_header: cdn_header_key }, function(data){ + var rdata = $.parseJSON(data.data); + layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 }); + if (rdata.status) { + setTimeout(function(){ + cdnHeader(siteName, 1); + },1000); + } + }); +} + + +//网站规则设置 +function setSiteObjConf(siteName, ruleName, type) { + if (type == undefined) { + create_l = layer.open({ + type: 1, + title: "编辑网站【" + siteName + "】规则【" + ruleName + "】", + area: ['700px', '530px'], + closeBtn: 2, + shadeClose: false, + content: '
\ +
\ +
\ + \ + \ + \ + \ + \ + \ + \ + \ + \ +
规则说明状态
\ +
\ +
\ +
' + }); + tableFixed("SetSiteObjConf"); + } + + getRuleByName(ruleName, function(data){ + var tmp = $.parseJSON(data.data); + var rdata = $.parseJSON(tmp.data); + var tbody = ''; + var tbody = ''; + for (var i = 0; i < rdata.length; i++) { + if (rdata[i][0] == -1) continue; + tbody += '\ + '+ rdata[i][1] + '\ + '+ rdata[i][2] + '\ + \ +
\ +
\ + \ + ' + } + $("#set_site_obj_conf_con").html(tbody) + }); +} + //网站设置 function siteWafConfig(siteName, type) { if (type == undefined) { @@ -1061,13 +1199,13 @@ function siteWafConfig(siteName, type) { \ \ \ - 设置\ + 设置\ \ \ 恶意容忍设置\ '+ rdata.retry.retry_cycle + ' 秒内,累计超过 ' + rdata.retry.retry + ' 次恶意请求,封锁IP ' + rdata.retry.retry_time + ' 秒\   --\ - 设置\ + 设置\ \ \ GET-URI过滤\ @@ -1078,7 +1216,7 @@ function siteWafConfig(siteName, type) { \ \ \ - 规则\ + 规则\ \ GET-参数过滤\ '+ rdata.get.ps + '\ @@ -1131,7 +1269,7 @@ function siteWafConfig(siteName, type) { \ \ \ - 设置\ + 设置\ \ \ 使用CDN\ @@ -1142,7 +1280,19 @@ function siteWafConfig(siteName, type) { \ \ \ - 设置\ + 设置\ + \ + \ + 禁止扩展名\ + 禁止访问指定扩展名\ +   --\ + 设置\ + \ + \ + 禁止上传的文件类型\ + 禁止上传指定的文件类型\ +   --\ + 设置\ \ \ \ @@ -1154,76 +1304,6 @@ function siteWafConfig(siteName, type) { '; $("#s_w_c").html(con); }); - // var loadT = layer.msg('正在获取网站配置..', { icon: 16, time: 0 }); - // $.post('/plugin?action=a&name=btwaf&s=get_site_config_byname', { siteName: siteName }, function (rdata) { - // nginx_config = rdata; - // layer.close(loadT); - // var con = '
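Review bot: addCdnHeader parses the reply with `$.parseJSON(data)` while removeCdnHeader and cdnHeader in the same hunk use `$.parseJSON(data.data)`; owPost's callback shape is not visible here, but only one form can be right, and the wrong one either throws or leaves `rdata.status` undefined so the table is never refreshed after the action. In cdnHeader the header names come from the stored site config and are concatenated straight into the row markup (`'+ rdata[i] + '`) and, by the look of the 删除 link, into its inline handler, so a stored value containing quotes or tags breaks out of the markup; either run it through an HTML encoder (only html_decode is visible in this chunk — confirm an encode counterpart exists) or build the row with jQuery and `.text()` instead of string concatenation. setSiteObjConf declares `var tbody = '';` twice in a row, and both new dialogs assign `create_l` without `var`, making it an implicit global, which matches the pattern the existing siteWafConfig already uses but is worth cleaning up while the code is new.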
\ - //
\ - // 网站防火墙开关\ - //
\ - // \ - // \ - //
\ - //
\ - //
\ - //
\ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - // \ - //
名称描述状态操作
禁止执行PHP的URL禁止在指定URL运行PHP脚本  --设置
禁止访问的URL禁止访问指定的URL  --设置
禁止扩展名禁止访问指定扩展名  --设置
禁止上传的文件类型禁止上传指定的文件类型  --设置
受保护的URL通过自定义参数加密URL地址,参数错误将被拦截  --设置
URL专用过滤为特定URL地址设置过滤规则  --设置
\ - //
\ - //
\ - // \ - //
'; - // $("#s_w_c").html(con); - // }); }